Cloudformation complains "array items are not unique" - amazon-web-services

The CloudFormation template is valid, but it gives an error which seems to be undocumented:
Properties validation failed for resource MoodleRDS with message: #/VPCSecurityGroups: array items are not unique
The code is uploaded to GitHub because it was too long for the post.
https://github.com/rkhyd/MoodleQuickStart/blob/main/MoodleQuickStartv2.json
Any ideas on how to fix?
I checked in the documentation, but could not find any such reference.
Thanks in advance

The issue is actually pretty clear. It says that you have values in your security groups list that are not unique. Here's what you put:
    "VPCSecurityGroups": [
        {
            "Fn::GetAtt": [
                "DBSecGroup",
                "GroupId"
            ]
        },
        {
            "Ref": "DBSecGroup"
        }
    ],
What you did here is put 2 values in your list that are actually the same value. Fn::GetAtt will give you the DBSecGroup ID, and the same will happen with "Ref": "DBSecGroup", which means that effectively you put 2 values that are exactly the same in the list. Remove one of those and it will be OK.
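A pre-deployment check for this class of error, added here as an illustration (it is not from the answer or from the MoodleQuickStart repository). It assumes, as the answer states, that Ref and Fn::GetAtt GroupId on a security group resolve to the same ID; the template is a constructed sample, and `UNIQUE_LIST_PROPS`, `canonical` and `find_duplicates` are hypothetical names.

```python
import json

# Constructed sample: the MoodleRDS property quoted in the answer above.
TEMPLATE = json.loads("""
{"Resources": {
  "DBSecGroup": {"Type": "AWS::EC2::SecurityGroup",
                 "Properties": {"GroupDescription": "db access"}},
  "MoodleRDS": {"Type": "AWS::RDS::DBInstance",
                "Properties": {"VPCSecurityGroups": [
                    {"Fn::GetAtt": ["DBSecGroup", "GroupId"]},
                    {"Ref": "DBSecGroup"}]}}}}
""")

# Only the property named in the error on this page; extend as needed.
UNIQUE_LIST_PROPS = {"VPCSecurityGroups"}
SG_TYPE = "AWS::EC2::SecurityGroup"

def canonical(item, resources):
    # Assumption (from the answer): for a security group, Ref and
    # Fn::GetAtt [<id>, "GroupId"] resolve to the same group ID.
    if isinstance(item, dict) and len(item) == 1:
        (fn, arg), = item.items()
        if fn == "Fn::GetAtt" and isinstance(arg, str):
            arg = arg.split(".", 1)  # short form "LogicalId.Attribute"
        if fn == "Fn::GetAtt" and isinstance(arg, list) and len(arg) == 2:
            target, attr = arg
        elif fn == "Ref":
            target, attr = arg, "GroupId"
        else:
            target = attr = None
        if (isinstance(target, str) and attr == "GroupId"
                and resources.get(target, {}).get("Type") == SG_TYPE):
            return ("security-group-id", target)
    return ("literal", json.dumps(item, sort_keys=True))

def find_duplicates(template):
    """Return (resource, property, key) for each repeated list entry."""
    resources = template.get("Resources", {})
    findings = []
    for name, res in resources.items():
        for prop, value in res.get("Properties", {}).items():
            if prop in UNIQUE_LIST_PROPS and isinstance(value, list):
                seen = set()
                for item in value:
                    key = canonical(item, resources)
                    if key in seen:
                        findings.append((name, prop, key))
                    seen.add(key)
    return findings
```

Run `find_duplicates` on the parsed template before creating the stack; an empty list means no entry in the checked properties repeats under these assumptions.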

Related

How to provide updateMask during Google People update contact?

If I need to update the name or address of a contact, giving the field as "names, addresses" works.
How do I need to give the updateMask to update a specific field like "middleName" alone?
Providing updateMask as "names.middleName" does not work and throws the following error:
    {
        "error": {
            "code": 400,
            "message": "Invalid updatePersonFields mask path: \"names.middle_name\". Valid paths are documented at https://developers.google.com/people/api/rest/v1/people/updateContact.",
            "status": "INVALID_ARGUMENT"
        }
    }
Anyone help?
Answer:
You need to use names as updatePersonFields, but all names need to be specified. This may be a bug, as linked below, but it is also not clear from the documentation.
More Information:
It is possible this is a bug, though until a response is obtained from the issue tracker report (which I assume was you, but if not, hit the star to help it gain more attention) about this it is not possible to know for sure.
While FieldMasks do accept sub-fields, these are not specified on the updatePersonFields documentation page, only the broader names.
You can see the list of definitely supported fields here under the Query Parameters.
Current Workaround:
While waiting for Google to respond to the bug report, the only way you can get around this is by using the names field mask, but also including the firstName and lastName parameters too when making the patch:
    {
        "names": [
            {
                "givenName": "Rafa",
                "middleName": "Guillermo",
                "familyName": "Rocks"
            }
        ],
        "etag": "%XxXXXx00XxxXXXXXXxXXXX00XXXXXXxXxxX0"
    }
Remember: If you leave out any of these fields this is tantamount to replacing it with an empty string, so be careful!

Get AWS Reservation Utilization by custom tag

I am currently assigning AWS media-live channels to a specific group by a custom tag and want to get the (CostExplorer) GetReservationUtilization for a group's channels by filtering by tag. The AWS documentation for GetReservationUtilization lists the Filtering options as:
    "Filter": {
        .
        .
        "Tags": {
            "Key": "string",
            "MatchOptions": [ "string" ],
            "Values": [ "string" ]
        }
        .
        .
    }
I interpret it as it should be possible to sort by a custom set tag via:
    "Key": "Group",
    "Value": [customId]
But I get an error that says "An error occurred (ValidationException) when calling the GetReservationUtilization operation: Tags expression is not allowed, allowed expression(s): And, Not, Dimensions"
Feels like I have tried everything possible but I can't seem to get it to work.
Have you looked at the examples in the boto3 documentation?
Seems you may need to wrap the tag element inside of the And, Not or supply dimensions.
For anyone coming here in the future, sorting reservation-utilization by the tag dimension is currently not supported. The following dimensions are supported:
AZ
CACHE_ENGINE
DEPLOYMENT_OPTION
INSTANCE_TYPE
LINKED_ACCOUNT
OPERATING_SYSTEM
PLATFORM
REGION
SERVICE
SCOPE
TENANCY
As specified in the AWS API docs.

I want to pass multiple bucket names from parameter section and allow them in IAM resource section in one go - CloudFormation

I have a use case where I want to pass multiple bucket names from the parameter section and grant read-only access to those buckets in resources. I am able to achieve this when the count is restricted, but how do I achieve it when the count is not defined?
    "Parameters": {
        "S3Bucket": {
            "Type": "CommaDelimitedList",
            "Description": "Select Bucket Names to Associate with the policy"
        }
    },
    "Resource": [
        {"Fn::Join": ["", ["arn:aws:s3:::", {"Fn::Select": ["0", {"Ref": "S3Bucket"}]}]]}
    ]
You can't pass values dynamically, as a CloudFormation template doesn't have a concept of looping.
If you want to use CommaDelimitedList and pass e.g. 5 values from the parameter, you have to fetch the same number of values in the template.
Fn::Select does not check for null values or if the index is out of bounds of the array. Both conditions will result in a stack error, so you should be certain that the index you choose is valid, and that the list contains non-null values.
Source - https://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-select.html

How to apply lifecycle patterns in AWS Elasticsearch to many indexes

I am trying to do this in AWS Elasticsearch, whereby I create a template for the pattern application-logs-*, and then I want to apply an index policy log-rotation-policy to all indexes which match that expression. I have created my policy successfully, but when I try to create a template like so:
    PUT _template/application-logs
    {
        "index_patterns": [
            "application-logs-*"
        ],
        "settings": {
            "index.lifecycle.name": "log-rotation-policy"
        }
    }
I get an error:
    "type": "illegal_argument_exception",
    "reason": "unknown setting [index.policy_id] please check that any required plugins are installed, or check the breaking changes documentation for removed settings"
The AWS documentation is extremely vague.
OK, sorry, I thought I would post this answer anyway because as I was writing this I figured out the problem. The correct key to use is opendistro.index_state_management.policy_id, so it should be:
    PUT _template/application-logs
    {
        "index_patterns": [
            "application-logs-*"
        ],
        "settings": {
            "opendistro.index_state_management.policy_id": "log-rotation-policy"
        }
    }
I found the answer here.

AWS SNS Subscription Filter policy checking a key in Message Attributes does NOT exist - possible?

We have two types of SNS messages coming in:
1. has MessageAttributes empty like this:
    "MessageAttributes": {}
2. has MessageAttributes coming in like this:
    "MessageAttributes": {
        "Generator": {
            "Type": "String",
            "Value": "some-service"
        }
    }
I would like to use a filter subscription policy that ignores the second type but passes the first type to the subscriber.
So I tried this for the policy:
    {
        "Generator": [
            {
                "exists": false
            }
        ]
    }
I thought this would mean it will only pass along messages that do NOT contain the Generator key in MessageAttributes.
However, I am seeing now that no messages are getting passed along.
The AWS Subscription Filter docs seem to support this as a solution, but they only show the opposite way of checking that a key does exist, so I'm not sure if they support checking a key doesn't exist: https://docs.aws.amazon.com/sns/latest/dg/sns-subscription-filter-policies.html#attribute-key-matching
Is this possible?
The answer from @David Adams is out of date. See the Attribute key matching docs.
Use "exists": false to return incoming messages that don't include the specified attribute.
It is now possible to exclude any messages that have a particular key by using the policy:
    {
        "key": [
            {
                "exists": false
            }
        ]
    }
Late response but may be helpful to someone.
Filtering out by lack of existence is not possible. See the bottom of https://docs.aws.amazon.com/sns/latest/dg/sns-subscription-filter-policies.html#attribute-key-matching
Note: You cannot use the exists operator to match messages in which an attribute does not exist. Filtering will NOT match any messages if you set [{"exists": false}].
You could pass a string 'null' or similar to the generator attribute if it is nonexistent, maybe?
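A small evaluator for the filter-policy behaviour the two answers above disagree on, added here as an illustration (it is not AWS code and not from either answer). It covers only exact-string, prefix and exists conditions on constructed messages; `exists_false_supported` is a hypothetical switch that models the older documentation note quoted in the second answer.

```python
# Constructed samples: the two MessageAttributes shapes from the question.
NO_ATTRS = {}
WITH_GENERATOR = {"Generator": {"Type": "String", "Value": "some-service"}}
MESSAGES = {"type-1": NO_ATTRS, "type-2": WITH_GENERATOR}
POLICY = {"Generator": [{"exists": False}]}

def key_matches(conditions, attr, exists_false_supported=True):
    """True if any condition for one policy key matches (conditions are ORed).

    attr is the message attribute dict, or None when the key is absent.
    """
    for cond in conditions:
        if isinstance(cond, dict) and "exists" in cond:
            if cond["exists"] is False and not exists_false_supported:
                continue  # older docs note: {"exists": false} never matches
            if (attr is not None) == cond["exists"]:
                return True
        elif isinstance(cond, dict) and "prefix" in cond:
            value = str(attr.get("Value", "")) if attr is not None else None
            if value is not None and value.startswith(cond["prefix"]):
                return True
        elif attr is not None and attr.get("Value") == cond:
            return True
    return False

def policy_matches(policy, message_attributes, exists_false_supported=True):
    """Every key in the policy must match (keys are ANDed)."""
    return all(
        key_matches(conds, message_attributes.get(key), exists_false_supported)
        for key, conds in policy.items()
    )

def delivered(policy, messages, exists_false_supported=True):
    """Names of the constructed messages the subscriber would receive."""
    return [
        name for name, attrs in messages.items()
        if policy_matches(policy, attrs, exists_false_supported)
    ]

if __name__ == "__main__":
    print("current docs:", delivered(POLICY, MESSAGES))
    print("older note:  ", delivered(POLICY, MESSAGES, exists_false_supported=False))
```

With the older behaviour switched on, the question's policy delivers nothing, which matches what the asker observed.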